General

  • Target

    XClient.exe

  • Size

    39KB

  • MD5

    2cb6d864b9841fa655284af27dd03813

  • SHA1

    9cd82b6a2a579c717061ae384e0350aecc81b03a

  • SHA256

    3039b05a6c40e5400832f3b2ddc88a0b950e37edc88c6955484d5b395fbbcaa6

  • SHA512

    319adc49a894ecdd6f524c0e75702c494fe07e0c451fd3b7f32da46586bf8224ff783a2970ed9ec1c389d2e398c43b3c390076a5671c6217aa50a29be122c90b

  • SSDEEP

    768:Uybn+v8csoYSQ5lLJKuuwhSZPypufFWPa9bL6POwhuaubkK:rn+EcsodQVJKuuwhSMEFv9bL6POwETf

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

147.185.221.21:31803:31803

calendar-mhz.gl.at.ply.gg:31803

Mutex

K9AREC0DsGwRG236

Attributes
  • Install_directory

    %LocalAppData%

  • install_file

    XClient.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

